Please DM. Looking for the registration code. Just need the name of the registrant so I can enter that in the box before using the code.

Hi. For my school assignment, I need to find a tool for analysing a EX01 file. It needs to be able to find Evidence number, SHA1, Model, Serial number and other stuff. So far, I found autopsy and FTK Imager. School says they won’t give marks for overused tools like autopsy so I’m kinda scared of marks being deducted for using it. So i’m looking for any alternatives other than the 2 that can be used. Thank you.

I am a college student pursuing a bachelors in cybersecurity with the hope to minor in digital forensics or cybercrime investigations (will have to transfer for the minor). I am a survivor of child sexual abuse and have previously dedicated over 800 hours as a volunteer investigative advocate investigating animal cruelty cases online. I worked with a non profit to investigate and infiltrate animal torture rings and networks and also had brief but meaningful interactions with LE and a special agent on the ICAC unit. All of the work I have done has been OSINT. My hope is to land a job within LE or work alongside LE as a cybercrime investigator or 1811 investigating animal/child exploitation and abuse online. I think it’s relevant to note I am not too interested in computer science which is why I did not choose that major, I am interested in the hands on investigative role, however I also know that education and certs are highly relevant to these jobs and so I settled on cybersecurity. I am aware that cybersecurity in general is an oversaturated job market, incredibly hard to find an entry level job, and that employers prefer applicants with a compsci or IT degree over a cybersecurity one. I am also aware how sensitive and devastating these cases are and that long time exposure causes extreme distress. I know because I’ve been exposed to them, and I’ve lived it, I see people who have asked similar questions be lectured on how much it sucks, and I just want to let everyone know that I am very aware and am still going to pursue it. My main concern is wasting time and money on a degree and certs with how difficult and competitive cybercrime investigator and 1811 fbi roles are, knowing that most people working the ICAC and VCAC unit have military experience ,or are sworn in officers, and how difficult it will be to stand out as an applicant. I’d love to hear your education and career journey, the pros and cons of this field, and what your work looks like. If anyone could offer advice, their opinions, tips, or a reality check I’d really appreciate it and thank you for your response and time.

All is in the title, I'm searching for a good ova, with all the tools that can be used on windows for forensic investigations (like all the Zimmerman tools, ftk etc) I'm searching something similar to sift workstation or tsurugi but on windows since there is a lake of tools for parsing win artefacts on linux Thank you 😁

Hi all,

When a rich url link is shared, kik creates a preview of the link with an image or some media.

When this is received on another device, does anyone know where or what folder kik saves the thumbnail image/media when a rich url web link is received?

Many thanks!

I’m navigating a situation where I believe there may have been unauthorized monitoring on my device even after termination. I’ve been digging into the analytics logs and noticed unusual patterns of MDM client activity, service initialization, and potentially tracking-related logs on both my laptop and phone, but I want to confirm if there’s anything substantial here that would hold up legally.

From what I understand, an FFS (Forensic File System) extraction might be the most thorough way to dig into the filesystem and identify evidence of remote access, monitoring configurations, or any unusual data transfers. Before I proceed, I’d love to get some insights from this community:

1.	**Would an FFS extraction help verify unauthorized monitoring?**

2.	Are there specific things I should focus on if I go this route (e.g., specific log types, metadata)?

3.	Any other forensic approaches or tools I should consider for proving unauthorized monitoring?

Thanks in advance for any advice! Trying to keep it broad here, but let me know if you need more specifics.

My boss keeps sending us imei numbers and asks us to find the brand/model of the phone device. Is there a better way to do this than use the ad ridden websites that sometimes say invalid imei?

Are there any open source forensic tools that will allow me to conduct a full file system on my own phone?

The program Whisper is hallucinating!

Whisper is programmed in Python and a wonderful tool to transcribe audio recordings. Courts have been using this for years and it has become available if you know how to program in Python. Big news in this Associated Press article.

https://apnews.com/article/ai-artificial-intelligence-health-business-90020cdf5fa16c79ca2e5b6c4c9bbb14

My background - I studied biomedical science which graduated from but not well enough where I think I will be able to do a masters. I am currently working in Admin at university but this something I don’t want to do long term and I am ready to make change. I am interested in digital forensic but i have no educational background /experience in digital forensic or criminology. Is there any books/ course (preferably free), roles that I can get into that would make qualified enough to pursue this as a career. I am also based in the UK. This would be a career change for me. Any advice for me.Appreciate the help🥰

Hi, I'm looking to get accustomed to DFIR as a SOC Analyst. I've stumbled upon CSI Linux, Tsurugi, SIFT, Caine.

I'd like to know which OS do you prefer and why ? What other tools could be added to basically cover most common areas of the field.

I'm also open to any other suggestions. Preferably GUI-friendly

Thanks

So, I have a situation where it's critical that I retrieve the messages I deleted from Instagram. I deleted these messages because they were all in the past, and the people in the messages I deleted weren't talking anymore so I decided to move on. I gave my phone to a digital forensic detective who's worked in the police force for years and he said he could recover both Instagram and Snapchat messages. Still, I have been having a lot of anxiety because I have been reading up online lately and there have been websites saying that it is pretty much impossible unless there is a search warrant through Instagram. Is there anyone on here who can tell me if a forensic expert like him can recover both Instagram and Snapchat messages off my phone? He's had my phone for two weeks and I still haven't heard back from him about the process.

The latest 13Cubed episode is out! Join us for a complete walkthrough of KG Distribution, the 13Cubed challenge created for XINTRA Labs. Learn more at xintra.org/labs.

Episode:
https://www.youtube.com/watch?v=A7Bh7vnAooQ

More at youtube.com/13cubed.

Is anyone familiar with identityservices on ios and macos? I keep running into logs within the idstatuscache.plist and ids-pub-id.db that have "com.apple.private.alloy.nearby" and I can't for the life of me figure out what is triggering these logs. I am aware that com.apple.madrid is imessage, for instance, and I am also aware that the logs are for apple id authentication. I just need to determine what action/app is correlated to the nearby logs. I also have determined that it is NOT at all actually nearby, because I have confirmation that multiple of the logs are from devices in other cities or even other states. Please let me know if you have any knowledge on this or even any guidance on where I can look. Thank you so much!

In a certain predicament, im in a hostile situation where I need help from skilled or operative people with knowledge of a certain set of individuals and there actions. I am in desperate need of a fully functioning and reliable and capable phone or Internet device that will allow me to contact authorities without influence, my friends, family and romantic partners and people through social media. the devices i have to hand have been hacked and tampered with by this group who have described themselves as many things including there name being Atunda (further information in my posts). The application which I need to be able to use and to function in response to my posts and actions and doings are; Instagram, Facebook, threads, tiktok, LinkedIn, grindr, outlook, WhatsApp, software such as corel painter, photoshop, rebelle 7 and numerous PC and mobile games and mac softwares and computers. I would the handsome some of £5,000 in British currency to whoever fulfills this ask. I am based in the UK in the north, Manchester. I would proceed further details upon request and email. These individuals have also hacked into my social media platform accounts and influenced my career baring, job offers and connections. a further some of £2,500 would be paid to who ever could stop this in its tracks. I will share details in private given the opportunity to whoever is serious about helping me in this situation. I have limited access to the Internet so if you find this post please contact me through my email or phone number or the site it is posted on my address for verification ends in a e and favourite thing ends in a i contact me with details and your skill set and experience and location and I will explain further. Like I have explained in this situation my access to communication devices is limited however, I will hopefully be able to connect with some who can fix these serious problems. Discretion is at the upmost and a continued relationship past our initial conversation could be of advantage to both of us, given my connections and knowledge in areas. If you're up for the challenge and professional and discrete in your undertaking please contact me. Please be open to ideas and suggestions, my areas of knowledge are broad and my skills are beneficial to me. and I can't stress enough how pressing this matter is, I need to be able to connect with my loved ones and friends and also allow for career development and authorities. If you have skills in IT, software development, hacking or AI integration or know of ways to communicate with or find the people I have outlined please contact me as I will pay handsomely.

In reference to my post about open-source DF tools, I saw one comment that talked about ddrescue.

I would like to demonstrate the use of it, but I can't figure out a way to corrupt my USB drive in a way that can be recovered by ddrescue. I tried using dd to write random data to the start of the partition. After running ddrescue, the img file retrieved shows as data type, and mounting it gives errors.

How should I effectively show the use of ddrescue to retrieve stuff from corrupted disks/usb sticks?

https://www.data-forensics.de

My phone is an network-unlocked but unrooted Moto One 5G Ace running Android 11- Qualcomm Spandragon chipset. I need to recover some deleted texts (stock Android messaging app) to help resolve an issue. I'm fairly tech savvy and have been doing my research. I've learnt that there is logical vs physical extraction. However as I understand, a physical extraction will require unlocking the bootloader which involves rooting and thereby losing all data in the process. On the other hand a logical extraction will not contain any deleted items. Moreover as I understand since Android 10, all phones implement FBE which makes physical extraction significantly harder but the good thing is that this is my own phone that I'm looking to do the extraction on. Another thing I've learnt about is that deleted texts and other items hang around in the slack space.

What is the possibility of being able to recover those deleted individual texts from a specific conversation with one specific person?

TLDR: drugs in my past, sober for nearly a decade, is DFIR and cybersecurity out of my reach?

Backstory: I am a senior undergraduate student studying cybersecurity, graduating next semester. I fell in love with DFIR after taking a course that convinced me to swap from IT to Cyber in my early junior year.

I started classes 10 years after I graduated high school so I am a bit older than most undergrads.

This is relevant because the reason I didn’t go to college after graduation is due to drugs. I fell off bad. I got sober approximately 8-10 years ago. And went back to school.

Fast forward to now, I was going to try for an internship at a state police cybercrime department. But they ask you to list all the drugs you’ve done. (An unfortunate long list with a short career) and polygraph you. I’m not a liar so obviously, I would be honest.

I really want to try and I kind of know the chief from the research lab I work in at school. But I am terrified to think that my past will legitimately ruin my chances of ever doing the only thing I’ve ever had deep passion to do because I was lost as a child.

Should I try anyway? Am I completely locked out of this path? I don’t want to JUST do research forever.

Just wondering if there are any acquisition tools for Intel-Based MacOS Ventura? I have tried using OSXPmem but the memory artefact wasn't able to be read by Volatility3.

Note: I'm looking for a free tool

Hey there,

As the title states this is the first time I’m using autopsy and also my first practice case do some of you have any advice how I should conduct my search strategy?

Hi all, Does anyone know a massive repository of triage packs (kape outputs) and disk images which would allow people to practice their DFIR skills? I’m thinking of something similar to vuln hub but for DFIR ?

I am currently a university student in Digital Forensics in Quebec, Canada. I have a strong interest in joining my local police department’s forensics unit. Some of my classmates are already police officers, and after speaking with them, I learned that once I graduate as a forensic investigator, I will need to undergo full police training. That’s fine, but the issue is that I would have to work as a police officer for five years before becoming eligible for an investigator role, as it’s a sergeant-level position.

My background is primarily in IT. I already hold a license in software development, along with a degree in forensic and cyber security. After spending so many years focused on forensics and development, I’m not keen on spending five years doing general police work, like issuing speeding tickets, before moving into a role that aligns with my skills and experience.

Is this the standard process everywhere? Are there any alternative paths I could take?

Hello people I just have a noob question for you all: I just needed to know if Man In the Middle attacks were done remotely, via links and software, or if someone would/could install a physical device outside of my property to gain access to my internet traffic or take control of my devices.

Thanks

Today I was going through the firewall and I saw that my phone was scanning the network and tried access to port 80 of AP.
The phone im talking about is Xiaomi Mi11T. Is there any way to find the root cause of this incident?